[BPT Utils] Allowing Registered Role is a Security Vulnerability

Back to Forums

Ross Jennings

Question

Forge

Security

Traditional Web

Application Type

Traditional Web

The screens within BPT Utils allow access to the Registered role, giving any authenticated user access to administrator-level functionality. This is a significant security vulnerability. Role-based access needs to be implemented.

05 Dec 2023

Community GuidelinesBe kind and respectful, give credit to the original source of content, and search for duplicates before posting.

See the full guidelines